Posted to commits@spamassassin.apache.org by mm...@apache.org on 2010/02/18 15:15:38 UTC

svn commit: r911411 - in /spamassassin/trunk/lib/Mail/SpamAssassin: DnsResolver.pm Plugin/Razor2.pm

Author: mmartinec
Date: Thu Feb 18 14:15:38 2010
New Revision: 911411

URL: http://svn.apache.org/viewvc?rev=911411&view=rev
Log:
preserve entropy across Razor call,
reveal less of a random accumulator at a time

Modified:
    spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm
    spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Razor2.pm

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm?rev=911411&r1=911410&r2=911411&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/DnsResolver.pm Thu Feb 18 14:15:38 2010
@@ -313,7 +313,8 @@
   for my $ic (unpack("C*",$string)) {
     if (chr($ic) =~ /^[A-Za-z]\z/) {
       if ($have_rnd_bits < 1) {
-        $rnd = rand(0x7fffffff);  $have_rnd_bits = 31;
+        # only reveal few bits at a time, hiding most of the accumulator
+        $rnd = rand(~0) & 0xff;  $have_rnd_bits = 8;
       }
       $ic ^= 0x20  if $rnd & 1;  # flip the 0x20 bit in name if dice says so
       $rnd = $rnd >> 1;  $have_rnd_bits--;
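Review bot: On a perl built with 64-bit integers, `rand(~0) & 0xff` in the added line looks like it will always be 0. There `~0` is 2**64-1 and a double carries at most 53 mantissa bits, so the low bits of the scaled value are zero, `$ic ^= 0x20` never fires, and the query-name case randomisation is silently switched off. Taking the high-order bits instead avoids depending on integer width, e.g. `$rnd = int(rand(256));  $have_rnd_bits = 8;`. The same `rand(~0)` appears in both Razor2.pm hunks, where the `& 0x7fffffff` mask would keep mostly those empty low bits and shrink the effective seed; a fixed 32-bit bound such as `rand(0xffffffff)` would likely be safer there. The enclosing loop and sub start and end outside this hunk.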

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Razor2.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Razor2.pm?rev=911411&r1=911410&r2=911411&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Razor2.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/Razor2.pm Thu Feb 18 14:15:38 2010
@@ -155,6 +155,8 @@
 
   Mail::SpamAssassin::PerMsgStatus::enter_helper_run_mode($self);
 
+  my $rnd = rand(~0);  # save entropy before Razor clobbers it
+
   my $timer = Mail::SpamAssassin::Timeout->new(
                { secs => $timeout, deadline => $deadline });
   my $err = $timer->run_and_catch(sub {
@@ -309,7 +311,10 @@
   # OK, that's enough Razor stuff. now, reset all that global
   # state it futzes with :(
   # work around serious brain damage in Razor2 (constant seed)
-  srand;
+  $rnd ^= rand(~0);  # mix old accumulator with whatever came out of razor
+  srand;             # let Perl give it a try ...
+  $rnd ^= rand(~0);  # ... and mix that in too
+  srand($rnd & 0x7fffffff);  # reseed, keep it unsigned 32-bit just in case
 
   Mail::SpamAssassin::PerMsgStatus::leave_helper_run_mode($self);
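Review bot: The comment on the final `srand` says "unsigned 32-bit", but the mask `0x7fffffff` keeps only 31 bits, so whatever was mixed into `$rnd` is capped at 31 bits of seed. The comment should say what the code does, e.g. `# reseed; mask to a non-negative 31-bit value just in case`. It would also help to note here that `$rnd` holds the value saved before the Razor call (declared in the earlier hunk), and that the bare `srand` only feeds one input into the mix before the explicit reseed overrides it. Whether every exit path from the Razor call reaches this reseed cannot be confirmed from the hunk, since the surrounding sub starts and ends outside it.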